On Mon, Feb 17, 2014 at 9:52 AM, Zoltan Kiss <zoltan.kiss@xxxxxxxxxx> wrote:Well, I might be wrong on that, but the scenario I was thinking: a guest (let's say domain 1) can have multiple interfaces on different Dom0 (or driver domain) bridges, let's say vif1.0 is plugged into xenbr0 and vif1.1 is in xenbr1. If the guest wants to make a bridge of this two, then using STP makes sense. I wanted to bring up CloudStack's virtual router as an example, but then I realized it's probably doesn't do such thing. However I don't think we should hardcode that a netback interface can't be RP ever.
On 15/02/14 02:59, Luis R. Rodriguez wrote:
From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
It doesn't make sense for some interfaces to become a root bridge
at any point in time. One example is virtual backend interfaces
which rely on other entities on the bridge for actual physical
connectivity. They only provide virtual access.
It is possible that a guest bridge together to VIF, either from the same
Dom0 bridge or from different ones. In that case using STP on VIFs sound
sensible to me.
You seem to describe a case whereby it can make sense for xen-netback
interfaces to end up becoming the root port of a bridge. Can you
elaborate a little more on that as it was unclear the use case.
If I understand you correctly, this is the same I suggested in my another email sent 1.5 hour ago.
Additionally if such cases exist then under the current upstream
implementation one would simply need to change the MAC address in
order to enable a vif to become the root port. Stephen noted there is
a way to avoid nominating an interface for a root port through the
root block flag. We should use that instead of the MAC address hacks.
Let's keep in mind that part of the motivation for this series is to
avoid a duplicate IPv6 address left in place by use cases whereby the
MAC address of the backend vif was left static. The use case your are
explaining likely describes the more prevalent use case where address
conflicts can occur, perhaps when administrators for got to change the
backend MAC address. If we embrace a random MAC address we'd avoid
that issue, and but we'd need to update userspace to use the root
block on topologies where desired.